Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

3f23140294...8.html

windows7-x64

3

3f23140294...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2024, 09:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3f23140294a3b60cceb08936a2649d81_JaffaCakes118.html

  • Size

    139KB

  • MD5

    3f23140294a3b60cceb08936a2649d81

  • SHA1

    0887861196a8160f52b6d52daf0c5be90ce39528

  • SHA256

    abe1427fbd21f3cf9cfb8a8bef248e099e0c2a4f73ee7dbfb836ec2821f83067

  • SHA512

    a7e8b8ad8fb4c775d18e8016314f6ea42600e6ca865fa482deb3463d659364e9b966d2d1d9a03e94529430d5b0fcd26f2eee9215cd994438da4dec5ada44347b

  • SSDEEP

    1536:SSNlYlqlVLJ1wIryLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJA:SSgMw8yfkMY+BES09JXAnyrZalI+YQ

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3f23140294a3b60cceb08936a2649d81_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2512
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2512 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1352

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c88d6fc39203bb9b43989d82a93176f

    SHA1

    03a11b44c0c5a063b520f2bc0a77da5d75ec6ec4

    SHA256

    8a242d24fb35b16b0e28dccbd8d675d17d72aeab72a91e91aacb9757e32d575f

    SHA512

    b3b5fe4dd2ff9c943bee8a5b475332a7c7e0a707e4c20e7cc0b0c928aabc5473fbb58810e86d4034dc86e4a2fe76f4a071587211c32ca606caca51dca8966941

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24ac8454a0354524f43bfb17548d8943

    SHA1

    124885a28f18066729a64ce71de0047c6b6b4572

    SHA256

    05fcb9c8ba9841b244149c5b6f087410836b8a5b29ac20cdc22fa4c51e83f663

    SHA512

    fe0540c637c7c0331c4c3597b5b411a8b92298781eb0ab3d5443afe4203e4ee0fbda05f887e84342c72f62199879c9e47dbc055322c70e2d2fdb7e619a5b7301

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b6ea03451a1023c2d64ddf98fa4727a

    SHA1

    f32d8dae5567481a5fedfeaa5148e3e10bf0c9e8

    SHA256

    0076b5a1bc30c6d889a885e4ceabb08fb8f6c3d87d31ef9b3ce05ff1ed3d5fe5

    SHA512

    b2be20eaa1c3619f34a1a2a70749294e72333a1f49b719c45914bda56717591734738c3d0d0480c0155bc4e3bdecc229f9e4077249d751b518c67752acf940f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70278b2805a007161605b4a0812cc2f4

    SHA1

    291be43de26c34481d9c75555c5d2cb021ff3613

    SHA256

    01069634e0fe8f053a67ac981899c93bac23a11c096b76bf5fbc5c7bf82d2f31

    SHA512

    4156b08c9ff892451f0196f431530632246807e563ed56b4a34f105711513fe5e45984b9d3c9b6d3046b25371db7bac6b159f4289c7e07d0e6042be9e1fba9e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c4d66543a4a5656f32cf757e4a9b9fb6

    SHA1

    34ffe9b401401a186feb2cbba2f1b91d3b299c0a

    SHA256

    069fdb24e78dcefd6ad2a0e13dd9ed5613cb228ed8c8130b91d5f1c17371532a

    SHA512

    cb1d4bea6f5c1411628a5d7f383291b775dbc0744a5777dedf2c54c8c57c263c040d033441edf6132fdb38ebf2af689884db2fa258808d767206fce7c484caeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19b556a0017800ebf4a328d656397f4e

    SHA1

    c62ae2dced4081463463a2a618707ebff63d01ee

    SHA256

    a3cd76a4bc4e1a7de36062f8c67b202433e534097588cef89aa4f09f7b1c518c

    SHA512

    c330ae307040d128d18b8b82e8e8d6f595ebdc90967aa6d9fc091d60758769caa0a8d78b4a21db16a3c40a82c3001e7c12f28e19030fd65afc8270a5a3e2c894

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    975b3565db075c7dcbb9fa19f19be3fb

    SHA1

    5c958844ef0adc84206cfc904986a594533c494c

    SHA256

    8d8ccbec97cc079d9e79484e9b082575be6f66a0b04a47164d575aa746f3af51

    SHA512

    dac00445b5044756cbaad2f273edd44cc4b1e25dbe2b4fb494d65f273dbbb4ee89f7d7df0aeccc10581a3093a63171a1835463e14afed29e5dc021faaebd5006

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62f701715367c5543cf15a0709ba19bc

    SHA1

    70a505b15e7d20cbab60d2004a1628a60cdaea35

    SHA256

    91464d0a59cf67f025cbe79231fb7c1033371a256fd08c04ccdcd5df73c43296

    SHA512

    b2de02f82d29f7cb5802efe55ddcd4c32bd0671b343a04dcd68447b68eec043fb7023eefb281ce33eac7133860a69ac2ad5469f1673eeebd1b889718e42f3976

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1b76e977e6d27c1216e486143659633f

    SHA1

    96c3d1f7646ec1d60dd91700c41a2e4d91038867

    SHA256

    04d604a48c38bea806d85490e787c9049dc611d4b0293192e6def53c3d729ce1

    SHA512

    6162a2f0f1383ceb3bd8213dfc0847d772afa5f1e1b81fd0bd2c95b3fb00be3fe7243a93fe4fb2b27bea282752f4cb4aff13d354b28246d1df79de69210b5fd6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    69c12d3aa02d47c85bca6ba122984c79

    SHA1

    da5c3940262b950a1795b9c236dc6ae9b9cc78ef

    SHA256

    62ee7ff5d5a9477824773950d881a4e5d92d5a7b74ae2c114cf534dd088b4674

    SHA512

    9b124d5407a40eca1e2095983d8c948ab8324f7bdc8e068fd49a2ad3eb501f2cf767972f9dc830ace5847eeaf445c21812df8e94405c51e02f640d9b61b2399a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    870841fa14e8945047e5390ea4bb9893

    SHA1

    07525bae8b73eba84391d4e157317f5582e1ef5d

    SHA256

    84f0f87111aa33ee2648cc41163ab92340daf387a0cabaa993d61e93bd5927af

    SHA512

    27b58ffa167d1adfd8b004201a3c09576477a31694a321cefe42a757af194d50c459cfd44b30a725eeb6e997137e45e633e3c1ab256bd123faf5783a55b6728a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa53cb88057966f42278cd5fc77d1644

    SHA1

    3005ce9a104c3acc12422de89376de20253de3fc

    SHA256

    0153b9575b54a5723f90b4d442f13c4a85ce6133a0d414bab5cd76ae9baa5c9a

    SHA512

    13ec7d3ab0df1fedf869139f770462b2ee0ded742edf2221d6cf226951cca7a86ce1e922b093fa9b5fc85968e4856443b402fe221984a595fe2ec2496c911b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD1D0.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD252.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit